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10 event, however, may a reply be timely filed 



The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). I 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment See 37 CFR 1.704(b). 

Status 

1 )[X] Responsive to communication(s) filed on 09 April 2004 . 
2a)D This action is FINAL. 2b)IEl This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) Kl Claim(s) 5-12 and 43-50 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) 5-12 and 43-50 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachments) 

1) E>3 Notice of References Cited (PTO-892) 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) □ Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 

Paper No(s)/Mail Date . 



4) □ Interview Summary (PTO-413) 

Paper No(s)/Mail Date. . 

5) □ Notice of Informal Patent Application (PTO-152) 
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DETAILED ACTION 

As per applicant's preliminary amendment dated 9 April 2004, claims 1-4 and 13-42 
were canceled and claims 5-12 and 43-50 are pending. Thus, claims 5-12 and 43-50 are 
presented for examination on the merits. 

Priority 

This application is a division of Application No. 09/652,899, filed 8/3 1 /2000. 
Applicant's claim for domestic priority under 35 U.S.C. 1 19(e) is acknowledged. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

Claims 5-12 and 43-50 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Guheen et al. (hereinafter Guheen), US 6,473,794 Bl. 

As per the following claims, Guheen discloses: 
Claims 5-12 

5. A method for protecting a network server from being used as the basis of an attack on a 
network client, the method comprising (column 43, lines 34-67; column 248, lines 38-45): 

a. restricting access to said network server to a portion of said network server for at least 
a selected protocol (column 17, directory services; column 276, line 34-277, line 24); and 
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b. scanning said portion of said network server for particular characters, said particular 
characters being associated with said selected protocol (column 19, Product2 ISP Server 
Bundle). 

6. The method of claim 5, further comprising removing said particular characters such that a 
security risk posed by said selected protocol is reduced (column 273, lines 35-67; column 279, 
lines 42-63). 

7. The method of claim 5, further comprising replacing said particular characters with benign 
characters such that a security risk posed by said selected protocol is reduced (column 272, line 
30-column 259, line 30). 

8. The method of claim 5, wherein said characters are hostile characters and wherein if a request 
contains any of said hostile characters, the request is rejected (column 273, lines 16-34; column 
280, lines 19-39). 

9. The method of claim 5, further comprising logging said particular characters to form a security 
log (column 266, lines 12-21, column 268, lines 20-36, column 286, lines 13-58). 

10. The method of claim 9, further comprising reviewing said security log to determine whether 
said particular characters are hostile (column 43, line 34-column 44, line 8). 
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11. The method of claim 5, wherein said protection of the network server is accomplished during 
an electronic purchase transaction (column 25 1 , lines 34-36). 

12. The method of claim 1 1, wherein the electronic purchase transaction is conducted using a 
digital wallet (column 17, java wallet; column 261, lines 30-53). 

Claims 43-50 

43. A computer-implemented method for protecting a network server from being used as the 
basis of an attack on a network client, the method comprising: 

a. receiving a request for a connection at said server from said network client (figure 87, 
2613; receiving user indicia); and 

b. scanning a portion of said network server for particular characters associated with a 
protocol (fig 87, 261 5; monitoring the status of offerings utilizing the user indicia) . . 

c. verifying that any response from said network server to said network client is void of 
said particular characters (fig 88, 2700; allowing browser-based authentication with user 
verification data) and 

d. providing said response from said network server to said network client (fig 88, 2702; granting 
access to at least one of application and system data based on the user verification data). 

44. The method of claim 43 further comprising restricting access to said network server for said 
protocol to said portion of said network server (column 17, directory services; column 276, line 
34-277, line 24). 
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45. The method of claim 43 further comprising replacing said particular characters with benign 
characters such that a security risk posed by said selected protocol is reduced (column 272, line 
30-column 259, line 30). 

46. The method of claim 43 wherein said protocol comprises JavaScript (column 34, lines 10- 
60). 

47. The method of claim 43 further comprising logging said particular characters to form a 
security log (column 266, lines 12-21, column 268, lines 20-36, column 286, lines 13-58). 

48. The method of claim 47 further comprising reviewing said security log to determine whether 
said particular characters are hostile (column 273, lines 16-34; column 280, lines 19-39). 

49. The method of claim 47 wherein said protection of the network server is accomplished 
during an electronic purchase transaction (column 251, lines 34-36). 

50. The method of claim 49 wherein the electronic purchase transaction is conducted using a 
digital wallet (column 17, java wallet, column 261, lines 30-53). 

Examiner has pointed out particular references contained in the prior arts of record in 
the body of this action for the convenience of the applicant. Although the specified citations 
are representative of the teachings in the art and are applied to the specific limitations within 
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the individual claim, other passages and figures may apply as well. It is respectfully requested 
from the applicant, in preparing the response, to consider fully the entire references as 
potentially teaching all or part of the claimed invention, as well as the context of the passage 
as taught by the prior arts or disclosed by the examiner. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Bradley B. Bayat whose telephone number is 571-272-6704. The 
examiner can normally be reached on Tuesday-Friday 8am-6: 30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, James Tfammell can be reached on 571-272-6712. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-2 1 7-9 1 97 (toll-free). 
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